lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120610192253.6536e200@terabyte>
Date: Sun, 10 Jun 2012 19:22:53 -0400
From: Benjamin Kreuter <ben.kreuter@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Obama Order Sped Up Wave of Cyberattacks
	Against Iran

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Sun, 10 Jun 2012 17:06:37 -0400
Laurelai <laurelai@...echan.org> wrote:

> I am a bit surprised by the direction of this conversation and I have
> been waiting for someone to say the obvious in regards to protecting
> yourself from .gov malware, it really is quite simple if you think
> about it. Stuxnet, duqu, flame, ect.. all only run on windows
> platforms. If the people you are protecting are concerned about that
> kind of malware (and they should be) it would be a great time to tell
> them about GNU/Linux, BSD, ect..

Which would do little to protect anyone.  Do you really think that
GNU/Linux would be a more difficult target for the NSA (or whichever
agencies were responsible -- I would guess the NSA, but there may be
others)?  GNU/Linux machines are compromised by criminals all the time,
and the majority of people would not be willing to put in the effort
needed to keep their system secure.

There are probably a bunch of remote exploits in the Linux kernel, in
Firefox and Chrome, in OpenSSL and NSS, in Ghostscript, and in any of
the thousands of other packages that will be installed on a typical
GNU/Linux system.

There is no magic bullet here.  Security is not about running the right
OS, it is about running your OS the right way (and more).  Telling
people that using GNU/Linux will make them safe is silly.

- -- Ben


- -- 
Benjamin R Kreuter
UVA Computer Science
brk7bx@...ginia.edu
KK4FJZ

- --

"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBCgAGBQJP1SxSAAoJEOV0+MnZK9ijPB0P/1NQQ5ea/xQhu4vdPdMz02Km
rzs/ecj4BXuD1k9kmFiZtoU9g9yG4Vm1J99baD/ywV83XeOqLuQREk0Zhv6fumax
x8Cj0GEYXNinmg1n5nYqgr4g7Ba2GBc0D7NGkyckKHXpIu6QkThKKYOwdSjFkmJS
yjH+2Gzz03tGHuiz/0S0mZYt6H02OAl6/cEXX45PkxnAR2V2EU2v738WcS6dpI9P
sAu4osMBg8DfF/Zo+ioHcsDao7+8apJ/meVpQoZ4UDQEfasacoKVWRFKhaVKxZNG
lwhqtJObpNYkMCK2/YH6JXttA6Dx93aQ2Wa0vq2sdquDK+R7V2HRd6oKgLWobCOj
Pb5m//RLZRSM39rvBwOZ5ehX72zc32V+wONai+qNqEpjcD5h2JfcxsySQ9QD6dR3
c5AL4RTsEqA1Nm6gmoZlD5geQL7b9L/9s40T7bbFXUh0I5sUFLdvqyQWx8CD8nVE
UxWqIlCHiZ5DLFJuXneNBhBtwEJjc9AnTrDUnRwdU/V1egf8XtXjIEJI7/6CRlex
oUQBVwEE0lhRZuY/5JLIFivWMXcCXQ0awl/75rJjcULZQ/Qp7Dg/Icz34wKHrg3H
FhFMtevC2KzFg2ivjqZNA4I2QQSVmSAIiGE1PMg1Cylb3eleAE4wvof24D4SE8VK
uL1btjgFXC5QfqPp0Mvl
=a5T+
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ